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REMARKS 

Reconsideration and allowance of the above -referenced 
application are respectfully requested. Claim amendments are 
presented herein to obviate the current rejection. No new 
matter has been added. 

Specification 

The paragraph beginning at page 3, line 21 of the 
specification has been amended to correct the reference to refer 
to private network 30. 

35 USC § 112 

Claim 19 has been amended to recite "wherein determining an 
application layer access control list entry" , a feature which 
has antecedent basis in claim 12 . 

35 USC § 103 

Claims 1, 3-8, 10-12 f 14-19, and 21-30 stand rejected under 
35 USC § 103(a) as allegedly being unpatentable over Rodwin in 
view of Fan and Srisuresh. Claims 9 and 20 stand rejected under 
35 USC § 103(a) as allegedly being unpatentable over Rodwin in 
view of Fan, Srisuresh, and Barkley. These rejections are 
respectfully traversed. 
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Claim 1 has been amended to recite: ^determining a private 
network address for a user in connection with the user accessing 
a network resource on a network; determining an application 
layer access control list entry for the user based on an access 
control policy; generating a network layer access control list 
entry for the user based on the determined private network 
address; sending the determined application layer access control 
list entry to nodes on the network that do not support network 
layer packet filtering; sending the generated network layer 
access control list entry to nodes on the network that support 
network layer packet filtering; translating a public network 
address to the private network address for the user accessing 
the network resource; and allowing or blocking the user access 
to the network resource based on at least one of the application 
access layer control list entry and the network layer access 
control list entry" (for support see, inter alia, specification 
page 3, line 21 to page 7, line 5). Claims 12 and 22 recite 
similar features. 

The combination of the cited references fails to disclose 
or otherwise suggest a method as recited in claim l . Fan 
describes an arrangement in which access lists may be modified 
to change packet filtering criteria (see, inter alia, Fan col. 
7, lines 24-26) , With this configuration, a firewall may 
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maintain state information regarding sessions and additionally 
inspect each packet within a data flow to ensure that a state of 
a session and the packets comply with a security policy (see, 
inter alia, col. 7, lines 21-38). Fan relates to packet 
filtering at a firewall based on access lists (as opposed to 
application layer ACLs) and does not describe determining an 
application layer access control list entry for user based on an 
access control policy and sending the determined application 
layer access control list entry to nodes on the network that do 
not support network layer packet filtering. Even combining with 
the other references would not suggest an arrangement in which 
both application layer access control list entries are sent to 
nodes on the network that do not support network layer packet 
filtering and network layer access control list entries are sent 
to nodes on the network that support network layer packet 
filtering. 

Accordingly, claims l, 12 , and 23 should be allowable. 
Concluding Comments 

It is believed that all of the pending claims have been 
addressed in this paper. However, failure to address a specific 
rejection, issue or comment, does not signify agreement with or 
concession of that rejection, issue or comment. In addition, 
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because the arguments made above are not intended to be 
exhaustive, there may be reasons for patentability of any or all 
pending claims (or other claims) that have not been expressed. 
Finally, nothing in this paper should be construed as an intent 
to concede any issue with regard to any claim, except as 
specifically stated in this paper, and the amendment of any 
claim does not necessarily signify concession of unpatentability 
of the claim prior to its amendment. 

Applicant asks that all claims be allowed. Please apply 
any charges or credits to Deposit Account No. 06-1050. 
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<*fc<St C. Harr i s 
Reg, No. 32 , 030 

Attorney for Intel Corporation 



15 



